Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/85A969C6446911F185563CDECE1D38B0.roa
File: 85A969C6446911F185563CDECE1D38B0.roa (raw, json)
Hash identifier: //HONIBe+4AQ8cd2OoiMthWqk/rnbFKqfsw/zbiZR8w=
Subject key identifier: 38:E8:B8:6B:A5:77:B7:BF:5A:78:9B:7B:2F:2E:D5:6B:67:B0:21:69
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01C7F5
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/85A969C6446911F185563CDECE1D38B0.roa
Signing time: Thu 30 Apr 2026 07:52:23 +0000
ROA not before: Thu 30 Apr 2026 07:52:18 +0000
ROA not after: Sun 24 May 2026 07:52:18 +0000
asID: 209242
IP address blocks: 154.90.70.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 11 May 2026 00:07:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 116725 (0x1c7f5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Apr 30 07:52:18 2026 GMT
Not After : May 24 07:52:18 2026 GMT
Subject: CN=69f30a37-368a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e8:4c:b9:89:ba:83:04:da:14:77:e8:28:90:29:
13:6d:a4:6c:aa:e8:9e:79:71:21:09:c5:95:60:23:
86:83:03:17:e2:8a:ec:ed:71:f4:7d:23:82:c8:51:
ca:77:53:0a:47:be:f7:4e:22:fb:fb:6f:a7:ae:b5:
5d:ce:4e:cf:52:f6:68:e9:0b:1a:44:60:18:a4:e0:
1a:b7:36:9a:ce:57:a1:65:14:5c:0a:01:0a:28:22:
e8:05:dd:37:08:b6:a4:c1:00:4f:c1:a8:5e:d2:06:
94:7a:39:cd:8e:98:73:a5:1d:9a:33:b1:d5:2b:48:
71:f2:b5:18:17:22:bc:0b:16:06:c0:56:90:b6:56:
99:8f:a6:cd:c3:04:7a:2e:89:ca:4e:ba:ee:70:c3:
6f:5d:82:e1:36:c2:9a:34:ea:b4:59:fb:09:88:ed:
b2:d1:c4:d7:33:0c:1b:85:d1:a3:2a:82:12:47:e7:
f4:8b:17:a2:fc:73:a5:0e:48:95:a9:dc:c0:b5:1f:
6d:d8:f8:65:a0:44:ef:42:a6:73:08:a9:ad:c5:1a:
bc:01:82:23:52:4f:43:cf:fb:18:9c:8c:fa:ef:e5:
64:8e:f9:c0:24:fc:c9:78:ae:84:76:cc:32:f8:3c:
16:79:46:f3:bc:01:63:c3:02:5f:c4:fe:f0:8f:06:
9b:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:E8:B8:6B:A5:77:B7:BF:5A:78:9B:7B:2F:2E:D5:6B:67:B0:21:69
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/85A969C6446911F185563CDECE1D38B0.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.90.70.0/24
Signature Algorithm: sha256WithRSAEncryption
a5:19:27:71:5e:51:9c:c1:69:bf:43:b4:e4:24:de:bc:3e:dd:
ea:bd:87:a4:fe:df:f5:43:07:ea:b3:61:b6:15:da:0d:cb:e8:
ea:30:19:a9:a8:4d:84:e1:de:eb:91:ae:70:41:4a:df:0b:34:
31:fc:b3:7e:09:59:ff:a0:00:dd:04:8d:a0:65:e7:38:71:3b:
52:7b:eb:39:d0:1b:35:6a:5a:88:e9:d1:12:39:c7:30:3f:01:
c1:f8:fd:c2:8e:20:30:34:36:8d:67:0f:84:df:c0:7e:d0:67:
25:da:d8:8a:29:d8:e4:0f:93:74:4c:1f:f5:5e:f1:32:4d:6b:
0d:fd:95:b5:f9:39:b7:92:1b:e5:69:26:54:7b:3e:33:7d:10:
85:3e:a6:d1:e4:e7:53:fa:b4:e6:06:80:e0:11:a9:ae:5d:22:
0f:f5:9b:30:e8:51:cc:ae:97:dc:ba:1f:55:71:26:c9:a1:0f:
82:07:ee:1e:b2:5d:bb:91:81:95:4b:ec:8d:0e:83:53:9b:b6:
27:e1:07:25:c2:5c:17:be:82:68:7e:ce:3a:1f:82:75:16:ad:
0c:dd:31:0e:c9:d7:f8:81:7f:2f:7a:a0:6e:75:e4:34:18:a3:
f0:41:ff:bb:0b:6f:88:d0:89:b1:b3:6c:f5:d6:ab:ac:01:84:
0e:66:d3:95
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAcf1MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjYwNDMwMDc1MjE4WhcNMjYwNTI0MDc1MjE4WjAYMRYw
FAYDVQQDEw02OWYzMGEzNy0zNjhhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA6Ey5ibqDBNoUd+gokCkTbaRsquieeXEhCcWVYCOGgwMX4ors7XH0fSOC
yFHKd1MKR773TiL7+2+nrrVdzk7PUvZo6QsaRGAYpOAatzaazlehZRRcCgEKKCLo
Bd03CLakwQBPwahe0gaUejnNjphzpR2aM7HVK0hx8rUYFyK8CxYGwFaQtlaZj6bN
wwR6LonKTrrucMNvXYLhNsKaNOq0WfsJiO2y0cTXMwwbhdGjKoISR+f0ixei/HOl
DkiVqdzAtR9t2PhloETvQqZzCKmtxRq8AYIjUk9Dz/sYnIz67+VkjvnAJPzJeK6E
dswy+DwWeUbzvAFjwwJfxP7wjwabSQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFDjo
uGuld7e/Wnibey8u1WtnsCFpMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC84NUE5NjlDNjQ0NjkxMUYxODU1NjNDREVDRTFEMzhCMC5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmlpGMA0GCSqGSIb3DQEB
CwUAA4IBAQClGSdxXlGcwWm/Q7TkJN68Pt3qvYek/t/1Qwfqs2G2FdoNy+jqMBmp
qE2E4d7rka5wQUrfCzQx/LN+CVn/oADdBI2gZec4cTtSe+s50Bs1alqI6dESOccw
PwHB+P3CjiAwNDaNZw+E38B+0Gcl2tiKKdjkD5N0TB/1XvEyTWsN/ZW1+Tm3khvl
aSZUez4zfRCFPqbR5OdT+rTmBoDgEamuXSIP9Zsw6FHMrpfcuh9VcSbJoQ+CB+4e
sl27kYGVS+yNDoNTm7Yn4QclwlwXvoJofs46H4J1Fq0M3TEOydf4gX8veqBudeQ0
GKPwQf+7C2+I0Imxs2z11qusAYQOZtOV
-----END CERTIFICATE-----
Generated at Sat May 9 11:02:07 2026 by rpki-client